216.73.216.215

CVE-2025-21614

· Published 06/01/2025 17:15 · Modified 06/01/2025 17:15

Labels: CVE-2025-21614 2025-01-06CVE-2025-21614CWE-400CWE-770[email protected]

Essential information

Published
06/01/2025 17:15
Modified
06/01/2025 17:15
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.

NVD status

Status
Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

References